Date: Mon, 18 Sep 2000 09:39:13 -0700 (PDT) From: Kris Kennaway <kris@FreeBSD.org> To: Igor Roshchin <str@giganda.komkon.org> Cc: security-advisories@FreeBSD.ORG, security@FreeBSD.ORG Subject: Re: FreeBSD Ports Security Advisory: FreeBSD-SA-00:47.pine Message-ID: <Pine.BSF.4.21.0009180937400.5450-100000@freefall.freebsd.org> In-Reply-To: <200009181629.MAA16045@giganda.komkon.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 18 Sep 2000, Igor Roshchin wrote:
>
> Would somebody, please, clarify if the older
> pine3 port is also vulnerable ?
> I know that it is no longer supported in the ports collection,
> but it is still being used.
> Since pine3 port is not formally a pine4 port, although
> its version is before 4.21, it is not clear if this bug
> existed since the 3.xx period or it was introduced in 4.xx
> version.
I have no idea - but you definitely should not be using pine3, there were
many security bugs with that version - details escape me, but I think they
included remotely exploitable buffer overflows.
Kris
--
In God we Trust -- all others must submit an X.509 certificate.
-- Charles Forsythe <forsythe@alum.mit.edu>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0009180937400.5450-100000>